Skip to content

Commit

Permalink
Merge pull request #41 from nasa/31_TcApply_Memcpy_Misaligned
Browse files Browse the repository at this point in the history 
31 tc apply memcpy misaligned
  • Loading branch information
@dccutrig
dccutrig committed Dec 22, 2021
2 parents ac0cbe5 + 0cef3a7 commit cf08901
Showing 1 changed file with 24 additions and 34 deletions.
58 changes: 24 additions & 34 deletions src/src_main/crypto_tc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -235,10 +235,27 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_fra
break;
}

// Accio buffer
p_new_enc_frame = (uint8_t *)malloc((*p_enc_frame_len) * sizeof(uint8_t));
if (!p_new_enc_frame)
{
printf(KRED "Error: Malloc for encrypted output buffer failed! \n" RESET);
status = CRYPTO_LIB_ERROR;
return status;
}
memset(p_new_enc_frame, 0, *p_enc_frame_len);

// Determine if segment header exists
uint8_t segment_hdr_len = SEGMENT_HDR_SIZE;
if (current_managed_parameters->has_segmentation_hdr == TC_NO_SEGMENT_HDRS)
{
segment_hdr_len = 0;
}

#ifdef TC_DEBUG
printf(KYEL "DEBUG - Total TC Buffer to be malloced is: %d bytes\n" RESET, *p_enc_frame_len);
printf(KYEL "\tlen of TF\t = %d\n" RESET, temp_tc_header.fl);
// printf(KYEL "\tsegment hdr\t = 1\n" RESET); // TODO: Determine presence of this so not hard-coded
printf(KYEL "\tsegment hdr len\t = %d\n" RESET, segment_hdr_len);
printf(KYEL "\tspi len\t\t = 2\n" RESET);
printf(KYEL "\tshivf_len\t = %d\n" RESET, sa_ptr->shivf_len);
printf(KYEL "\tshsnf_len\t = %d\n" RESET, sa_ptr->shsnf_len);
Expand All @@ -248,18 +265,8 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_fra
printf(KYEL "\tstmacf_len\t = %d\n" RESET, sa_ptr->stmacf_len);
#endif

// Accio buffer
p_new_enc_frame = (uint8_t *)malloc((*p_enc_frame_len) * sizeof(uint8_t));
if (!p_new_enc_frame)
{
printf(KRED "Error: Malloc for encrypted output buffer failed! \n" RESET);
status = CRYPTO_LIB_ERROR;
return status;
}
memset(p_new_enc_frame, 0, *p_enc_frame_len);

// Copy original TF header
memcpy(p_new_enc_frame, p_in_frame, TC_FRAME_PRIMARYHEADER_STRUCT_SIZE);
// Copy original TF header, w/ segment header if applicable
memcpy(p_new_enc_frame, p_in_frame, TC_FRAME_HEADER_SIZE + segment_hdr_len);

// Set new TF Header length
// Recall: Length field is one minus total length per spec
Expand Down Expand Up @@ -330,7 +337,6 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_fra
if (sa_ptr->shsnf_len > 0)
{
// If using anti-replay counter, increment it
// TODO: API call instead?
// TODO: Check return code
Crypto_increment(sa_ptr->arc, sa_ptr->shsnf_len);
for (int i = 0; i < sa_ptr->shsnf_len; i++)
Expand Down Expand Up @@ -362,27 +368,17 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_fra
** End Security Header Fields
*/

// Determine if FECF exists
uint8_t fecf_len = FECF_SIZE;
if (current_managed_parameters->has_fecf == TC_NO_FECF)
{
fecf_len = 0;
}
uint8_t segment_hdr_len = SEGMENT_HDR_SIZE;
if (current_managed_parameters->has_segmentation_hdr == TC_NO_SEGMENT_HDRS)
{
segment_hdr_len = 0;
}

// Copy in original TF data - except FECF
// Will be over-written if using encryption later
// and if it was present in the original TCTF
// if FECF
// Even though FECF is not part of apply_security payload, we still have to subtract the length from the
// temp_tc_header.fl since that includes FECF length & segment header length.
tf_payload_len = temp_tc_header.fl - TC_FRAME_HEADER_SIZE - segment_hdr_len - fecf_len + 1;
// if no FECF
// tf_payload_len = temp_tc_header.fl - TC_FRAME_PRIMARYHEADER_STRUCT_SIZE;
memcpy((p_new_enc_frame + index), (p_in_frame + TC_FRAME_PRIMARYHEADER_STRUCT_SIZE), tf_payload_len);
// index += tf_payload_len;
memcpy((p_new_enc_frame + index), (p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), tf_payload_len);

/*
** Begin Security Trailer Fields
Expand Down Expand Up @@ -437,9 +433,7 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_fra

if ((sa_service_type == SA_ENCRYPTION) || (sa_service_type == SA_AUTHENTICATED_ENCRYPTION))
{
// TODO: More robust calculation of this location
// uint16_t output_loc = TC_FRAME_PRIMARYHEADER_STRUCT_SIZE + 1 + 2 + temp_SA.shivf_len + temp_SA.shsnf_len +
// temp_SA.shplf_len;

#ifdef TC_DEBUG
printf("Encrypted bytes output_loc is %d\n", index);
printf("tf_payload_len is %d\n", tf_payload_len);
Expand Down Expand Up @@ -476,7 +470,6 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_fra
status = CRYPTO_LIB_ERR_AUTHENTICATION_ERROR;
return status;
}

free(aad);
}

Expand Down Expand Up @@ -528,7 +521,6 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_fra
return status;
}
}

// Close cipher, so we can authenticate encrypted data
gcry_cipher_close(tmp_hd);
}
Expand Down Expand Up @@ -627,7 +619,6 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_fra
// Only calculate & insert FECF if CryptoLib is configured to do so & gvcid includes FECF.
if (current_managed_parameters->has_fecf == TC_HAS_FECF)
{
// Set FECF Field if present
#ifdef FECF_DEBUG
printf(KCYN "Calcing FECF over %d bytes\n" RESET, new_enc_frame_header_field_length - 1);
#endif
Expand All @@ -642,7 +633,6 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_fra
*(p_new_enc_frame + new_enc_frame_header_field_length - 1) = (uint8_t)0x00;
*(p_new_enc_frame + new_enc_frame_header_field_length) = (uint8_t)0x00;
}

index += 2;
}

Expand Down

0 comments on commit cf08901

Please sign in to comment.